﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using Pai.LiveStation.Data;
using System.Web.Security;
namespace Pai.LiveStation.Web
{
    public static class SecurityHelper
    {

        public static void AuthorizeShowMembership(int showID)
        {
            using (RadioClassesDataContext dc = new RadioClassesDataContext())
            {
                try
                {
                    RadioShowsMember sm = dc.RadioShowsMembers.Where(x => x.UserID.Equals((Guid)Membership.GetUser().ProviderUserKey))
                        .Where(y => y.RadioShowID == showID).FirstOrDefault();

                    if (sm == null)
                        throw new System.Web.HttpException("Unauthorized access.");
                }
                catch (Exception e)
                {
                    throw new System.Web.HttpException("Unauthorized access.");
                }
            }
        }


    }

    public class IsPostedFromThisSiteAttribute : AuthorizeAttribute
    {
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            if (filterContext.HttpContext != null)
            {
                if (filterContext.HttpContext.Request.UrlReferrer == null)
                {
                    throw new System.Web.HttpException("Invalid submission");
                }
                if (filterContext.HttpContext.Request.UrlReferrer.Host != "mysite.com")
                {
                    throw new System.Web.HttpException("This form wasn't submitted from this site!");
                }
            }
            base.OnAuthorization(filterContext);
        }
    }

}